Defense in Depth

Definition(s)


Defense in Depth

The strategy of placing layers of increased protection between access points and critical assets,

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries. 1st Ed. September 2016. Global Standards

Defense in Depth

Provision of multiple security protections, especially in layers, with the intent to delay if not prevent an attack.

  • NOTE: Defense in depth implies layers of security and detection, even on single systems, and provides the following features:
  1. attackers are faced with breaking through or bypassing each layer without being detected
  2. a flaw in one layer can be mitigated by capabilities in other layers
  3. system security becomes a set of layers within the overall network security.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard